Topic: deephas

Topic: Piranha CMS 12.0 Stored XSS in Text Block Risk: Low Text:# Exploit Title: Piranha CMS 12.0 - Stored Cross Site Scripting # Date: 2025-09-26 # Exploit Author: Chidubem Chukwu (Termin...

Topic: Django 5.1.13 SQL Injection Risk: Medium Text:# Exploit Title: Django 5.1.13 - SQL Injection # Google Dork: [none] # Not applicable for this vulnerability # Date: 2025-12...

Topic: BoidCMS v2.0.0-authenticated-file-upload-RCE Risk: High Text:# Title: BoidCMS v2.0.0-authenticated-file-upload-RCE # Author: nu11secur1ty # Date: 2026-01-29 # Vendor: BoidCMS # Softwar...

Topic: Linux Kernel 5.8

Topic: BoidCMS v2.1.2 Apache .htaccess Rule Bypass Leading to Information Disclosure Risk: Low Text:# Title: Apache .htaccess Rule Bypass Leading to Information Disclosure # Author: nu11secur1ty # Date: 2026-01-29 # Vendor: ...

Topic: Nginx 1.25.x Server Version Information Disclosure Risk: Low Text:During security testing, the target web server was found to expose its exact Nginx version (1.25.x) via HTTP response headers....

Topic: LangChain Core - Serialization Injection to Jinja2 SSTI/RCE Risk: High Text:# Exploit Title: LangChain Core - Serialization Injection to Jinja2 SSTI/RCE # Date: 2025-12-29 # Exploit Author: Mohammed I...

Topic: LayerSlider 7.9.5 – Unauthenticated SQL Injection Risk: Low Text:LayerSlider WordPress plugin versions between 7.9.11 and 7.10.0 are affected by an unauthenticated SQL Injection vulnerability....

Topic: WordPress Plugin FS Affiliates 5.6 - Unrestricted Arbitrary File Upload Risk: High Text: # [UnM@SK Security Advisory] # [#] Title: WordPress Plugin FS Affiliates 5.6 - Unrestricted Arbitrary File Upload [#] A...

Topic: Telnet Argument Injection Privilege Escalation - RCE Risk: High Text:# Titles: Telnet Argument Injection Privilege Escalation - RCE # Author: nu11secur1ty # Date: 1/24/2026 # Vendor: https://ww...

Topic: Chamillo LMS 1.11.2 Missing Cache Header Risk: Low Text:# CVE-2025-69581 An issue was discovered in Chamillo LMS 1.11.2. The Social Network /personal_data endpoint exposes full se...

Topic: ahu.mlsp.government.bg-XSS-Reflected-CRITICAL Cross-site scripting Risk: Low Text:## Happy New Year, dear friends. The same case: one year, nobody responds to this report! ## Titles: ahu.mlsp.government.bg-XS...

Topic: WordPress Plugin wp-front-user-submit – AJAX Login Username Enumeration Vulnerability Risk: Low Text:Description The WordPress plugin wp-front-user-submit is vulnerable to username enumeration via its unauthenticated AJAX login...

Topic: AVideo Notify.ffmpeg.json.php Unauthenticated Remote Code Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-...

Topic: phpIPAM 1.4 SQL-Injection Risk: Medium Text:# Exploit Title: phpIPAM 1.4 - SQL Injection # Date: 2025-11-25 # Exploit Author: CodeSecLab # Vendor Homepage: https://git...

Topic: n8n Workflow Expression Remote Code Execution Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-...

Topic: CarRentalMS 2.0 Cross Site Request Forgery Risk: Low Text:## Description A Cross-Site Request Forgery (CSRF) vulnerability exists in the administrator profile update functionality of...

Topic: LibreChat MCP Stdio Remote Command Execution Risk: High Text:LibreChat MCP Stdio Remote Command Execution Jeremy Brown (jbrown3264/gmail), January 2026 = Summary = LibreChat...

Topic: WordPress Quiz Maker 6.7.0.56 SQL Injection Risk: Medium Text:# Exploit Title: WordPress Quiz Maker 6.7.0.56 - SQL Injection # Date: 2025-12-16 # Exploit Author: Rahul Sreenivasan (Tr0j4n...